search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
added samples
[windows-sources.git] / sdk / samples / WCFSamples / TechnologySamples / Extensibility / Security / AuthorizationPolicy / CS / service / App.config
blob19eb37a311881de9c0a604381afcd66e636ab6a8
1 <?xml version="1.0" encoding="utf-8" ?>
2 <configuration>
3
4 <system.serviceModel>
5 <services>
6 <service name="Microsoft.ServiceModel.Samples.CalculatorService"
7 behaviorConfiguration="CalculatorServiceBehavior">
8 <host>
9 <baseAddresses>
10 <!-- configure base address provided by host -->
11 <add baseAddress ="http://localhost:8001/servicemodelsamples/service"/>
12 </baseAddresses>
13 </host>
14 <!-- use base address provided by host, provide two endpoints -->
15 <endpoint address="username"
16 binding="wsHttpBinding"
17 bindingConfiguration="Binding1"
18 contract="Microsoft.ServiceModel.Samples.ICalculator" />
19 <endpoint address="certificate"
20 binding="wsHttpBinding"
21 bindingConfiguration="Binding2"
22 contract="Microsoft.ServiceModel.Samples.ICalculator" />
23 </service>
24 </services>
25
26 <bindings>
27 <wsHttpBinding>
28 <!-- Username binding -->
29 <binding name="Binding1">
30 <security mode="Message">
31 <message clientCredentialType="UserName" />
32 </security>
33 </binding>
34 <!-- X509 certificate binding -->
35 <binding name="Binding2">
36 <security mode="Message">
37 <message clientCredentialType="Certificate" />
38 </security>
39 </binding>
40 </wsHttpBinding>
41 </bindings>
42
43 <behaviors>
44 <serviceBehaviors>
45 <behavior name="CalculatorServiceBehavior" >
46 <serviceDebug includeExceptionDetailInFaults ="true" />
47 <serviceCredentials>
48 <!--
49 The serviceCredentials behavior allows one to specify a custom validator for username/password combinations.
50 -->
51 <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="Microsoft.ServiceModel.Samples.MyCustomUserNameValidator, service" />
52 <!--
53 The serviceCredentials behavior allows one to specify authentication constraints on client certificates.
54 -->
55 <clientCertificate>
56 <!--
57 Setting the certificateValidationMode to PeerOrChainTrust means that if the certificate
58 is in the user's Trusted People store, then it will be trusted without performing a
59 validation of the certificate's issuer chain. This setting is used here for convenience so that the
60 sample can be run without having to have certificates issued by a certificate authority (CA).
61 This setting is less secure than the default, ChainTrust. The security implications of this
62 setting should be carefully considered before using PeerOrChainTrust in production code.
63 -->
64 <authentication certificateValidationMode="PeerOrChainTrust" />
65 </clientCertificate>
66 <!--
67 The serviceCredentials behavior allows one to define a service certificate.
68 A service certificate is used by a client to authenticate the service and provide message protection.
69 This configuration references the "localhost" certificate installed during the setup instructions.
70 -->
71 <serviceCertificate findValue="localhost" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
72 </serviceCredentials>
73 <serviceAuthorization serviceAuthorizationManagerType="Microsoft.ServiceModel.Samples.MyServiceAuthorizationManager, service">
74 <!--
75 The serviceAuthorization behavior allows one to specify custom authorization policies.
76 -->
77 <authorizationPolicies>
78 <add policyType="Microsoft.ServiceModel.Samples.CustomAuthorizationPolicy.MyAuthorizationPolicy, PolicyLibrary" />
79 </authorizationPolicies>
80 </serviceAuthorization>
81 </behavior>
82 </serviceBehaviors>
83 </behaviors>
84
85 </system.serviceModel>
86
87 </configuration>